Google Android: Mobile operating system

Recent Google Android Security Advisories

| Advisory | Title | Published |
|---|---|---|
| 2026-03-14 | Chrome Releases: Chrome for Android Update (version 146) | March 14, 2026 |
| 2026-03-13 | Chrome Releases: Chrome for Android Update (version 146) | March 13, 2026 |
| 2026-03-10 | Chrome Releases: Chrome for Android Update (version 146) | March 10, 2026 |
| 2026-03-06 | Chrome Releases: Chrome for Android Update (version 146) | March 6, 2026 |
| 2026-03-04 | Chrome Releases: Chrome for Android Update (version 145) | March 4, 2026 |
| 2026-02-26 | Chrome Releases: Chrome for Android Update (version 146) | February 26, 2026 |
| 2026-02-24 | Chrome Releases: Chrome for Android Update (version 145) | February 24, 2026 |
| 2026-02-21 | Chrome Releases: Chrome for Android Update (version 144) | February 21, 2026 |
| 2026-02-21 | Chrome Releases: Chrome for Android Update (version 145) | February 21, 2026 |
| 2026-02-20 | Chrome Releases: Chrome for Android Update (version 145) | February 20, 2026 |

EOL Dates

Ensure that you are using a supported version of Google Android. Here are some end-of-life and end-of-support dates for Google Android.

| Release | EOL Date | Status |
|---|---|---|
| 16 | - | Active |
| 15 | - | Active |
| 14 | - | Active |
| 13 | March 2, 2026 | EOL |
| 12.1 | March 3, 2025 | EOL |
| 12 | March 3, 2025 | EOL |
| 11 | February 5, 2024 | EOL |
| 10 | March 6, 2023 | EOL |
| 9 | January 1, 2022 | EOL |
| 8.1 | January 10, 2021 | EOL |
| 8.0 | January 1, 2021 | EOL |
| 7.1 | October 1, 2019 | EOL |
| 7.0 | October 1, 2019 | EOL |
| 6.0 | August 1, 2018 | EOL |
| 5.1 | March 1, 2018 | EOL |
| 5.0 | March 1, 2018 | EOL |
| 4.4w | October 1, 2017 | EOL |
| 4.4 | October 1, 2017 | EOL |
| 4.3 | - | Active |
| 4.2 | - | Active |

By the Year

In 2026 there have been 80 vulnerabilities in Google Android with an average score of 7.8 out of ten. Last year, in 2025, Android had 434 security vulnerabilities published. Right now, Android is on track to have fewer security vulnerabilities in 2026 than it did last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.60.

| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 80 | 7.83 |
| 2025 | 434 | 7.23 |
| 2024 | 830 | 7.11 |
| 2023 | 1214 | 6.45 |
| 2022 | 1048 | 6.41 |
| 2021 | 575 | 6.72 |
| 2020 | 702 | 6.85 |
| 2019 | 491 | 7.08 |
| 2018 | 432 | 7.60 |

It may take a day or so for new Android vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Google Android Security Vulnerabilities

Android OS Local Privilege Escalation via OOB Write
CVE-2026-0124 - March 10, 2026

There is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Google: EfwApTransport OOB Write Priv Escalation
CVE-2026-0123 8.4 - High - March 10, 2026

In EfwApTransport::ProcessRxRing of efw_ap_transport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Remote Code Execution via OOB Memory Corruption in Google Device
CVE-2026-0122 8.4 - High - March 10, 2026

In multiple places, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

VPU UAF Read Causing Local Info Disclosure
CVE-2026-0121 2.9 - Low - March 10, 2026

In VPU, there is a possible use-after-free read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Dangling pointer

Google Modem OOB Write Enables RCE
CVE-2026-0120 9.8 - Critical - March 10, 2026

In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android USIM Telephony OE: usim_SendMCCMNCIndMsg Out-of-Bounds Write
CVE-2026-0119 6.8 - Medium - March 10, 2026

In usim_SendMCCMNCIndMsg of usim_Registration.c, there is a possible out of bounds write due to memory corruption. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

OOBConfig Carrier Restriction Bypass LPE
CVE-2026-0118 8.4 - High - March 10, 2026

In oobconfig, there is a possible bypass of carrier restrictions due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Protection Mechanism Failure

Android MFC Driver OOB Write Leads to Local Priv Escalation
CVE-2026-0117 8.4 - High - March 10, 2026

In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

OUT-OF-BOUNDS WRITE IN mfc_core_isr.c OF Google Nest, RCE
CVE-2026-0116 9.8 - Critical - March 10, 2026

In __mfc_handle_released_buf of mfc_core_isr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android TEE Key Leak via Side Channel
CVE-2026-0115 2.1 - Low - March 10, 2026

In Trusted Execution Environment, there is a possible key leak due to side channel information disclosure. This could lead to physical information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Improper Protection Against Physical Side Channels

Out-of-Bounds Write in Google Modem Enables RCE
CVE-2026-0114 9.8 - Critical - March 10, 2026

In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android OOB Write in ns_SmscbUtilities.c Enables Remote PrivEsc
CVE-2026-0113 9.8 - Critical - March 10, 2026

In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

VPU Driver UAF Enables Local Privilege Escalation on Android
CVE-2026-0112 7.4 - High - March 10, 2026

In vpu_open_inst of vpu_ioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Dangling pointer

Android: ns_GetUserData OOB Write Enables Remote Priv Escalation
CVE-2026-0111 9.8 - Critical - March 10, 2026

In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android NR Msg Handler EoP via Memory Corrupt in cn_NrSmMsgHdlrFromMM
CVE-2026-0110 9.8 - Critical - March 10, 2026

In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Classic Buffer Overflow

Google Android Wi-Fi Driver DoS via dhd_tcpdata_info_get
CVE-2026-0109 7.5 - High - March 10, 2026

In dhd_tcpdata_info_get of dhd_ip.c, there is a possible Denial of Service due to a precondition check failure. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

1419

PowerVR GPU Register Protection Misconfig Local Info Disclosure
CVE-2026-0108 4 - Medium - March 10, 2026

The register protection of the PowerVR GPU is incorrectly configured. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Authorization

Local Priv Escalation via Confused Deputy in GMC Mba DDR Driver
CVE-2026-0107 8.4 - High - March 10, 2026

In gmc_ddr_handle_mba_mr_req of gmc_mba_ddr.c, there is a possible escalation of privileges due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Confused Deputy

KVM NVHE OOB Write Enables Local Priv Escalation
CVE-2025-36920 8.4 - High - March 10, 2026

In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android DeviceId.java Bounds Check Vulnerability: Local PrivEsc via Desync
CVE-2025-48611 10 - Critical - March 10, 2026

In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android BugreportContentProvider Path Traversal PrivEsc
CVE-2025-48636 8.4 - High - March 02, 2026

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Directory traversal

Android BroadcastController arbitrary activity launch flaw (CVE-2024-31328)
CVE-2024-31328 8.8 - High - March 02, 2026

In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Protection Mechanism Failure

Android ActivityManagerService Local PrivEsc via Missing Permission Check
CVE-2026-0047 8.4 - High - March 02, 2026

In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Handling of Insufficient Permissions or Privileges

Local Priv Escalation via mem_protect.c Logic Error in Android
CVE-2026-0038 8.4 - High - March 02, 2026

In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android FFA.c Buffer Overflow Enables Local Priv Escalation
CVE-2026-0037 8.4 - High - March 02, 2026

In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Android MediaProvider LPE via File Access Logic Error
CVE-2026-0035 8.4 - High - March 02, 2026

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Out-of-bounds Read

Android Notification Policy Desync via setPackageOrComponentEnabled
CVE-2026-0034 8.4 - High - March 02, 2026

In setPackageOrComponentEnabled of ManagedServices.java, there is a possible notification policy desync due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Input Validation

Android MemProtect OOB Write Leads to Local Priv Escalation
CVE-2026-0032 7.8 - High - March 02, 2026

In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Privilege Management

Android kernel mem_protect.c OOB write int overflow local privilege escalation
CVE-2026-0031 8.4 - High - March 02, 2026

In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Integer Overflow or Wraparound

Android Mem Protect OOB Write in __host_check_page_state_range
CVE-2026-0030 8.4 - High - March 02, 2026

In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android pkvm Init Memory Corruption: Local Priv Esc
CVE-2026-0029 8.4 - High - March 02, 2026

In __pkvm_init_vm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Privilege Management

Android Kernel OOB Write via __pkvm_host_share_guest Int Overflow
CVE-2026-0028 8.4 - High - March 02, 2026

In __pkvm_host_share_guest of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Integer Overflow or Wraparound

ARM SMMU V3 smmu_detach_dev UAF OOB write -> local privilege escalation
CVE-2026-0027 6.7 - Medium - March 02, 2026

In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Dangling pointer

Android PermissionManagerServiceImpl Logic Error Enables Local Priv Escalation
CVE-2026-0026 7.8 - High - March 02, 2026

In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

AuthZ

Android OS Permission Bypass in Notification.hasImage Local Priv Escalation
CVE-2026-0025 8.4 - High - March 02, 2026

In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Information Disclosure

Android MediaProvider 'isRedactionNeededForOpenViaContentResolver' Info Disclosure
CVE-2026-0024 4 - Medium - March 02, 2026

In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

AuthZ

Android PackageInstallerService Priv Escalation via Permission Bypass
CVE-2026-0023 7.8 - High - March 02, 2026

In createSessionInternal of PackageInstallerService.java, there is a possible way for an app to update its ownership due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Privilege Management

Android AppInfoBase cross-user permission bypass (CVE-2026-0021)
CVE-2026-0021 8.4 - High - March 02, 2026

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Confused Deputy

Android LPE via Permission Bypass in ParsedPermissionUtils
CVE-2026-0020 8.4 - High - March 02, 2026

In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Insecure Direct Object Reference / IDOR

Android BiometricService Logic Error Enables Local PrivEsc
CVE-2026-0017 7.7 - High - March 02, 2026

In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Protection Mechanism Failure

Android AppOpsService Persistent DoS via Input Validation
CVE-2026-0015 6.2 - Medium - March 02, 2026

In multiple locations of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Input Validation

Android AppOpsService DoS via isPackageNullOrSystem
CVE-2026-0014 6.2 - Medium - March 02, 2026

In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Input Validation

Android DocsUI Confused Deputy PrivEsc via PickActivity
CVE-2026-0013 8.4 - High - March 02, 2026

In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Confused Deputy

Android OS CVE-2026-0012: Contact Name Leak via ExpandableNotificationRow
CVE-2026-0012 6.2 - Medium - March 02, 2026

In setHideSensitive of ExpandableNotificationRow.java, there is a possible contact name leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Authorization

Android Settings.java Logic Flaw Denies Location & Enables Local Priv Escalation
CVE-2026-0011 8.4 - High - March 02, 2026

In enableSystemPackageLPw of Settings.java, there is a possible way to prevent location access from working due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Protection Mechanism Failure

Android IDrmManagerService OOB Write Local Priv Escalation
CVE-2026-0010 8.4 - High - March 02, 2026

In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Memory Corruption

Android Privilege Escalation via Confused Deputy - CVE-2026-0008
CVE-2026-0008 8.4 - High - March 02, 2026

In multiple locations, there is a possible privilege escalation due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Confused Deputy

Android WindowInfo.cpp Tapjacking Escalation to Local Privilege
CVE-2026-0007 7.8 - High - March 02, 2026

In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Clickjacking

Android OS: Heap Buffer Overflow RCE
CVE-2026-0006 9.8 - Critical - March 02, 2026

In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Heap-based Buffer Overflow

Android KeyguardServiceDelegate missing permission check: app pinning bypass
CVE-2026-0005 6.2 - Medium - March 02, 2026

In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and impact is app-dependent with no additional execution privileges needed. User interaction is not needed for exploitation.

Information Disclosure
